I recently purchased a Email Certificate from Verisign for Encryption and Digitally Signing My email and it works fine with everybody who has outlook. Why is it that i cant send an encrypted email with someone thats using yahoo? i was messing with sending myself an encrypted email, and got it to work an hour later. why is it that in order for me to send an encrypted message to someone i have to have their certificated stored in my adress book?

Rome wrote:

I recently purchased a Email Certificate from Verisign for Encryption
and Digitally Signing My email and it works fine with everybody who
has outlook. Why is it that i cant send an encrypted email with
someone thats using yahoo? i was messing with sending myself an
encrypted email, and got it to work an hour later. why is it that in
order for me to send an encrypted message to someone i have to have
their certificated stored in my adress book?

Because when you send an encrypted message, you're not using your
certificate to encrypt it. They have to have a public key in order for you
to encrypt a message to them. You encrypt using the recipient's
certificate's public key and they decrypt using their private key. The
encrypt and send you a message using your public key and you descript it
with your private key. In an exchange of encrypted messages, both sides
must have certificates because both sides need public/private keys.
--
Brian Tillman

"Brian Tillman" wrote in message
...
Rome wrote:

I recently purchased a Email Certificate from Verisign for Encryption
and Digitally Signing My email and it works fine with everybody who
has outlook. Why is it that i cant send an encrypted email with
someone thats using yahoo? i was messing with sending myself an
encrypted email, and got it to work an hour later. why is it that in
order for me to send an encrypted message to someone i have to have
their certificated stored in my adress book?

Because when you send an encrypted message, you're not using your
certificate to encrypt it. They have to have a public key in order for
you
to encrypt a message to them. You encrypt using the recipient's
certificate's public key and they decrypt using their private key. The
encrypt and send you a message using your public key and you descript it
with your private key. In an exchange of encrypted messages, both sides
must have certificates because both sides need public/private keys.

Both sides need an S/MIME enabled mail client as well.
This is rather hard with Yahoo,
unless you use a desktop mail client
and not the original webmail interface.

Vizvary Istvan III
http://www.cryptigo.com

"Rome" wrote in message
...
I recently purchased a Email Certificate from Verisign for Encryption and
Digitally Signing My email and it works fine with everybody who has outlook.
Why is it that i cant send an encrypted email with someone thats using
yahoo? i was messing with sending myself an encrypted email, and got it to
work an hour later. why is it that in order for me to send an encrypted
message to someone i have to have their certificated stored in my adress
book?


--- REPLY SEPARATOR ---
(only needed because the OP use quoted-printable format in their post)

Because you did not train yourself by researching on how certificates work.
You encrypt a messages using SOMEONE ELSE's public key. The only person
that can decrypt that message is the one that has the matching private key.
You digitally sign a message so you can give your PUBLIC key to someone
else, who can then use that public key to encrypt a message they send to you
whereupon you use your private key to decrypt their message. Similarly, for
you to send someone else an encrypted message means you have to get their
public key used to encrypt the message.

You want to send them a digitally signed message:
Use the public key from your certificate.

You want to send them an encrypted message:
Use THEIR *public* key in THEIR certificate.
They decrypt using THEIR *private* key.

They want to send you a digitally signed message:
They use their public key from their certificate.

They want to send you an encrypte message:
They need to use YOUR public key from YOUR certificate.
You decrypt using YOUR *private* key.

The certicate owner retains safety of their certificate by NOT divulging
their private key. The certificate owner gets a public and private key.
Everyone else only gets the public key. Since no one but the certificate
owner has the private key, no one else can [easily] decrypt a message
encrypted with their public key (i.e., everyone else only gets half of the
key).

--
__________________________________________________
Post replies to the newsgroup. Share with others.
For e-mail: Remove "NIX" and add "#VN" to Subject.
__________________________________________________

thank you for all your answers. I guess i was really confused on the public
and private key situation, but that cleared it up. thanks again.


"Vanguard" wrote in message
...
"Rome" wrote in message
...
I recently purchased a Email Certificate from Verisign for Encryption and
Digitally Signing My email and it works fine with everybody who has
outlook. Why is it that i cant send an encrypted email with someone thats
using yahoo? i was messing with sending myself an encrypted email, and got
it to work an hour later. why is it that in order for me to send an
encrypted message to someone i have to have their certificated stored in
my adress book?


--- REPLY SEPARATOR ---
(only needed because the OP use quoted-printable format in their post)

Because you did not train yourself by researching on how certificates
work. You encrypt a messages using SOMEONE ELSE's public key. The only
person that can decrypt that message is the one that has the matching
private key. You digitally sign a message so you can give your PUBLIC key
to someone else, who can then use that public key to encrypt a message
they send to you whereupon you use your private key to decrypt their
message. Similarly, for you to send someone else an encrypted message
means you have to get their public key used to encrypt the message.

You want to send them a digitally signed message:
Use the public key from your certificate.

You want to send them an encrypted message:
Use THEIR *public* key in THEIR certificate.
They decrypt using THEIR *private* key.

They want to send you a digitally signed message:
They use their public key from their certificate.

They want to send you an encrypte message:
They need to use YOUR public key from YOUR certificate.
You decrypt using YOUR *private* key.

The certicate owner retains safety of their certificate by NOT divulging
their private key. The certificate owner gets a public and private key.
Everyone else only gets the public key. Since no one but the certificate
owner has the private key, no one else can [easily] decrypt a message
encrypted with their public key (i.e., everyone else only gets half of the
key).

--
__________________________________________________
Post replies to the newsgroup. Share with others.
For e-mail: Remove "NIX" and add "#VN" to Subject.
__________________________________________________

Vizvary Istvan III wrote:

Both sides need an S/MIME enabled mail client as well.

That, too.
--
Brian Tillman